CYBER SECURITY 2018

Grand Hotel Oslo by Scandic 25. - 26. April 2018

Threat actors are more sophisticated, with more detailed knowledge not only about critical and proprietary control system components, but also about the actual physical process that is being controlled. Some threat actors are also increasingly able to demonstrate that they have access to extensive skills, financial backing and resources.

Norwegian businesses depend on the ability to implement strategies to improve cyber security urgently in an ongoing process. Cyber security attacks on industrial automation and control systems can in the worst case have physical conse-quences. The industry is meeting the new challenges when critical systems that were isolated before are now connected to networks, possibly also to the Internet.

This NFEA conference focuses on cyber security in critical infrastructure internationally as well as the status for cyber security in the oil and gas industry. Leading standards that apply today will be presented along with how the standards are being applied within different corporations’ governance frameworks and procedures.

This year we have a special focus on «Security for safety», and we try to point out how new technology can challenge critical systems we thought were safe.

09:00 Registration

09:50 Welcome Karin Sundsvik, Director, NFEA

10:00 Cyber threats and the petroleum industry Possibilities for learning? Asbjørn Ueland Petroleum Safety Authority Norway

10:30 Embodied vulnerabilities –Cyber-physical security of medical devices Marie Moe SINTEF Digital

11:00 Introduction to the IEC62443 standards Judith Rossebø ABB

11:30 Lunch

12:00 Introduction to the European IACS components Cybersecurity CertificationFramework(ICCF) CertificationaccordingtoIEC62443-4-2. Beat Kreuter DEKRA Certification BV

13:00 HowISA/IEC62443standardseriesis used in Scandinavia Vidar Hedtjärn Swaling Swedish Defence Research Agency

13:30 ProtectionLevelsandhowyoucould dealwiththem Rune Stensletten Siemens AS

14:00 Break

14:30 IEC62443andriskbaseddesignsfor critical systems in oil & gas projects Fredrik Gratte Erik Provan Aker Solutions AS

15:00 Cyber Security in the manufacturing industry Karl Schrade,Senior ICS Security Consultant Phoenix Contact Cyber Security

15:30 To be announced Bjarte Olsen ABB AS

16:00 End day one

18:30 Conference dinner at Bølgen & Moi, Tjuvholmen

The program is subject to change.

25.APRIL

IEC 62443Chair:JanMunkejordStatoilASA

Best practiceChair:TorAndersHauge,GlencoreNikkelverk

08:30 Lessonslearned,ransomware Karsten Rosgaard Maersk Drilling A/S

09:00 (in)SecurityinBuildingAutomation: HowtoCreateDarkBuildingswithLight Speed Thomas Brandstetter Limes Security

09:30 ChallengesgoingfromFieldbusto Ethernetnetworks Patrick Lansdorf, Channel Partner Manager HMS Industrial Networks AB

10:00 Break

10:30 AttackdetectionusingSIEM-Security Information and Event Management Ådne Faugstad-Kaldestad, Cyber Security Senior Engineer, ABB AS Olav Mo, Cyber Security Manager, ABB AS

11:00 Security In maritime communications, autonomous ship Christian Frøystad SINTEF Digital

11:30 Lunch

12:30 APT case study Martin Eian mnemonic AS

13:00 OPC enables secure real-time communicationwithIndustrial Control Systems Randy Kondor, P.Eng. OPC Training Institute

13:30 Break

13:45 Security for Safety The NAMUR NE 163 Method Erwin Kruschitz anapur AG / NAMUR

14:15 Railwayintechnologicaldevelopment- aretheresufficientmechanismsto protectagainstcyberattacks? Roar Andreassen Kaja Daae Torsteinsen Lloyd’s Register Consulting – Energy AS

14:45 Pandora’s box Casestudiesandreviewsshowinghow hackerscanutilizesupportsystemstoget abackdoorintoyourcriticalinfrastructure Lars Erik Smevold KraftCERT

15:15 End of conference

The program is subject to change.

IntroductiontoMaerskbyJudithRossebø,ABB

Thankstooursponsors:

26.APRIL

Critical systemsChair:TrygveKristoffersen,Triple-S

Newtrends,technologiesandIndustry4.0Chair:MarieMoe,SINTEFDigital

Practicalinformation

Time and place for the conference: 25. - 26. April 2018 Grand Hotel Oslo by ScandicKarl Johans gate 31, 0159 Oslo

Registration: Register for the conference at www.nfea.no or email: nfea@nfea.no

Cancellation: Cancellation later than three weeks before the conference will be charged with a fee of NOK 2.000,-. Cancellation later than one week will be charged with the full fee. Cancellation needs to be notified in writing to be valid.

ParticipantFee:Company member kr. 7 000,-Personal member kr. 7 000,-Education member kr. 4 000,-Education Non member kr. 5 000,-Non member kr. 9 000,-

Exhibition(max3m.length)-inclusive one participant:Members kr. 12 000,-Non members kr. 14 000,-

Exhibitionincl.logo:- inclusive one participantCompany member kr. 16 000,-Non member kr. 18 000,-

Logo in the program: Members kr. 5000,- Non members kr. 7500,

Program Commitee:Jan Munkejord – Statoil ASA, Commitee Leader Tor Anders Hauge – Glencore Nikkelverk AS Trygve Kristoffersen – Triple-S AS Marie Moe – SINTEF Digital Judith Rossebø – ABB AS Frode Stensletten – Goodtech ASKarin Sundsvik– NFEA Tonje Olsen – NFEA

Hotel: We have reserved some rooms at Grand Hotel by Scandic. Booking at www.grand.no with the reference code BBES240418. (Code valid until 26th of March)

Dinnerat25thofApril:NFEA will arrange a dinner at Bølgen & Moi, Tjuvholmen 25th of April. Price: NOK 850,- We hope you will attend this social gathering. Sign up for the dinner latest within 13th of April.

MembershipinNFEA: Company member NOK 5 000,-Personal member NOK 500,-Education/research companies NOK 5 000,-Students are free of charge.

Language: If possible prepare the written presentations in English. Each individual speaker may decide whether they wish to speak Norwegian or English, however the preferred lauguage is English.

NFEAisnotresponsibleforexpensesparticipantsmayhaveinconnectionwiththeconferenceduetounforeseeneventslikeflightcancellationsetc.Theprogramissubjecttochange.

EXHIBITORS:

Phoenix Contact Phoenix Contact Cyber Security

SecurityMattersTriple-S AS